Firewalls and other security devices/programs typically enforce policies against network transmissions based on a set of rules. In some cases, the rules may be based on hostname information, such as by preventing a user from accessing a specific website (e.g., denying access to http://www.example.com), or by preventing a user from accessing a category associated with the website (e.g., denying access to sites classified as “social networking” sites or “pornographic” sites). Unfortunately, techniques exist for evading hostname-related filtering.